CVE-2026-41972

CVSS 5.4 · Medium EPSS 0.02% · P4 Updated Jun 13, 2026

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 3

Vendor	Product	Version Range	Status
Huawei	HarmonyOS	`6.1.0`	affected
		`6.0.0`	affected
		`5.1.0`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-41972

AIGC Shenlong Model
NVD (National Vulnerability Database)

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Path traversal vulnerability in the SMS app. Impact: Successful exploitation of this vulnerability may affect availability.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

对路径名的限制不恰当(路径遍历)

Source: NVD (National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Huawei	HarmonyOS	6.1.0	-

II. Public POCs for CVE-2026-41972

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-41972

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-41972 (1)

🔗 Security Bulletins for HUAWEI Phones/Tablets, June 2026 Read full article

https://nvd.nist.gov/vuln/detail/CVE-2026-41972

Same Patch Batch · Huawei · 2026-06-09 · 15 CVEs total

CVE-2026-41976	6.6 MEDIUM	音频框架权限控制漏洞
CVE-2026-41982	6.4 MEDIUM	IPC模块竞态条件漏洞影响可用性
CVE-2026-41975	6.3 MEDIUM	华为网络管理系统网络管理模块权限管理漏洞
CVE-2026-41973	5.9 MEDIUM	Android呼叫组件权限控制漏洞
CVE-2026-41980	5.5 MEDIUM	文件预览模块权限控制漏洞
CVE-2026-41979	5.5 MEDIUM	XX软件打印模块权限控制漏洞
CVE-2026-41981	5.3 MEDIUM	IPC模块越界写漏洞影响可用性
CVE-2026-41984	5.2 MEDIUM	软件包管理服务UAF漏洞
CVE-2026-41985	5.1 MEDIUM	软件包管理模块UAF漏洞
CVE-2026-41977	5.0 MEDIUM	log服务拒绝服务漏洞
CVE-2026-41978	4.4 MEDIUM	clone模块权限控制漏洞
CVE-2026-41983	4.3 MEDIUM	浏览器内核DoS漏洞
CVE-2026-41974	3.6 LOW	Service Notification权限控制漏洞
CVE-2026-41986	2.4 LOW	文件系统逻辑绕过漏洞影响可用性

IV. Related Vulnerabilities

Same product: HarmonyOS

Same vendor: Huawei

Same weakness: CWE-22

V. Comments for CVE-2026-41972

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-41972

Possible ATT&CK Techniques 1AI

Affected Version Matrix 3

I. Basic Information for CVE-2026-41972

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-41972

III. Intelligence Information for CVE-2026-41972

Vendor Advisories for CVE-2026-41972 (1)

Same Patch Batch · Huawei · 2026-06-09 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-41972

Leave a comment